• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Copyright (c) 2012-2018 LK Trusty Authors. All Rights Reserved.
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7#      http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14#
15
16LOCAL_DIR := $(GET_LOCAL_DIR)
17
18ARCH := x86
19SUBARCH := x86-64
20TARGET := generic-x86_64
21
22WITH_LINKER_GC := 1
23
24TRUSTY_USER_ARCH := x86
25
26# enable LTO in user-tasks modules
27USER_LTO_ENABLED ?= true
28
29# enable LTO in kernel modules
30KERNEL_LTO_ENABLED ?= true
31
32# enable cfi in trusty modules
33USER_CFI_ENABLED ?= true
34KERNEL_CFI_ENABLED ?= true
35
36# Limit heap grows
37GLOBAL_DEFINES += HEAP_GROW_SIZE=8192
38
39# Use lk libc in the kernel for now. musl does not currently link
40LK_LIBC_IMPLEMENTATION := lk
41
42WITH_TRUSTY_VIRTIO_IPC_DEV ?= false
43
44# Derive RPMB key using HKDF
45WITH_HKDF_RPMB_KEY ?= true
46
47# Always allow provisioning for emulator builds
48STATIC_SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED := 1
49
50# Enable Secure Storage AIDL interface
51STORAGE_AIDL_ENABLED ?= true
52
53# Non-secure KeyMint Trusty VM is used on x86_64 / cuttlefish
54KEYMINT_TRUSTY_VM ?= nonsecure
55
56MODULES += \
57	trusty/kernel/lib/trusty \
58	trusty/kernel/services/apploader \
59
60#
61## user tasks to be compiled into lk.bin
62#
63
64## prebuilt
65TRUSTY_PREBUILT_USER_TASKS :=
66
67# compiled from source
68TRUSTY_BUILTIN_USER_TASKS := \
69	trusty/user/app/gatekeeper \
70	trusty/user/app/keymint/app \
71	trusty/user/app/sample/hwaes \
72	trusty/user/app/sample/hwbcc \
73	trusty/user/app/sample/hwcrypto \
74	trusty/user/app/sample/hwcryptohal/server/app \
75	trusty/user/app/storage \
76	trusty/user/base/app/apploader \
77	trusty/user/base/app/system_state_server_static \
78
79WITH_TRUSTY_IPC := true
80
81# On generic-x86_64 hwcrypto requires FAKE HWRNG and HWKEY services
82WITH_FAKE_HWRNG ?= true
83WITH_FAKE_HWKEY ?= true
84WITH_FAKE_KEYBOX ?= true
85
86ASLR ?= false
87
88EXTRA_BUILDRULES += trusty/kernel/app/trusty/user-tasks.mk
89